Incentive Management Guidance related to Sale and Servicing of Insurance Products in Canada

On February 17, 2022, the Canadian Council of Insurance Regulators (“CCIR”) and the Canadian Insurance Services Regulatory Organizations (“CISRO”) released proposed guidance on incentive management related to the sale and servicing of insurance products (the “Proposed Guidance”).

The Proposed Guidance applies to insurers and intermediaries that pay compensation (monetary or non-monetary) and/or design incentive arrangements related to the sales and servicing of all insurance products, and provides CCIR’s and CISRO’s expectations with respect to the design and management of such arrangements.

The Proposed Guidance ensures that insurers and intermediaries develop incentive arrangements that achieve the fair treatments of customers and is intended to complement the joint guidance released by CCIR and CISRO in September 2018 (the “FCT Guidance”). The FCT Guidance sets out CCIR’s and CISRO’s expectations (to the extent of their respective authority) relating to the conduct of insurance business and fair treatment of actual and potential customers of insurance products.

The Proposed Guidance is described as being principles-based, providing insurers and intermediaries with the discretion to develop appropriate strategies, based on the nature, size and complexity of their business activities, that relate to governance, design and management of incentive arrangements, risks of unfair outcomes to customers and post-sale controls. Below is a summary of the objectives and principles set out in the Proposed Guidance.

  1. Governance

Objective – CCIR and CISRO expect insurers and intermediaries’ governance and business culture to place fair treatment of customers at the center of decisions concerning the way incentive arrangements are designed and managed.

Board and senior management have the ultimate responsibility to design, approve, implement, and monitor appropriate strategies, policies, procedures and controls that align with the overall risk appetite and culture of the organization, as it relates to incentive arrangements and fair treatment of customers.

Senior management should also consider working closely with risk management, compliance, legal and any other teams to determine any changes required to manage risks related to fair treatment of customers.

  1. Design and Management of Incentive Arrangements

Objective – CCIR and CISRO expect insurers and intermediaries to design and implement

incentive arrangements that include criteria ensuring fair treatment of customers.

Incentive arrangements should be designed in accordance with the following objectives:

  • be consistent with the level of service expected and provided throughout a product’s life cycle;
  • ensure that performance targets and criteria are clearly defined, measurable and are aligned to ensure fair treatment of customers; and
  • the cost of the product to the customer does not vary based on the distribution method.

The method and manner of implementation of incentive arrangements and the role that management plays in the process are equally important. In addition to managing potential conflicts of interest, management is also advised to take steps to identify and correct what it views as inappropriate practices against customers as a result of incentive arrangements.

  1. Risk of Unfair Outcomes to Customers

Objective – CCIR and CISRO expect insurers and intermediaries to regularly identify and assess the risks of unfair outcomes to customers that may arise from incentive arrangements so that either appropriate controls can be introduced, or the incentive arrangements can be adjusted.

Insurers and intermediaries are expected to review their incentive arrangements regularly and, if appropriate, consider changes to such arrangements that may result in unfair outcomes to customers.

  1. Post-sale Controls

Objective – CCIR and CISRO expect insurers and intermediaries to establish effective post-sale controls to identify inappropriate sales resulting from incentive arrangements.

Effective post-sale controls should enable insurers and intermediaries to determine whether there are any unsuitable sales resulting from specific incentive arrangements, to identify any significant risks in connection with the unfair outcome to customers and mitigate such risks, as necessary.

Examples of Incentive Arrangements that May Undermine Fair Treatment of Customers

The Proposed Guidance also includes an appendix which provides examples of incentive arrangements components which, without proper design, management and post-sale controls, may increase the risk of unfair outcomes for customers. Among others, CCIR and CISRO, identify the following examples of incentive arrangements that may raise concerns:

  • agreements between insurers and intermediaries incentivizing intermediaries’ conduct that could be inconsistent with fair treatment of customers;
  • bonus rates that increase with predetermined sales volumes;
  • excessive cross-selling incentives;
  • lifetime vesting of renewal commissions to intermediaries which can result in eventual client orphaning;
  • commissions linked to premium levels or investment amounts;
  • arrangements that create exit fees or penalties for customers;
  • performance criteria focused on meeting quantitative targets, which do not effectively align with interests of customers; and
  • chargeback mechanisms that may influence an intermediary to advise a customer to retain a product that does not meet the customer’s needs.

Interested parties are invited to submit comments related to the Proposed Guidance until April 4, 2022.

OSFI Consultation on Draft Guideline B-13 – Technology and Cyber Risk Management

The Office of the Superintendent of Financial Institutions (“OSFI”) launched a three-month public consultation on Draft Guideline B‑13, Technology and Cyber Risk Management (the “Proposed Guideline”) on November 9, 2021, and is inviting comments on the Proposed Guideline until February 9, 2022.

The Proposed Guideline has been released as part of OSFI’s Strategic Plan 2019 – 2022 and puts into action some of the themes set out is OSFI’s discussion paper Developing Financial Sector Resilience in a Digital World, published in September 2020.

The Proposed Guideline sets out OSFI’s expectations for sound technology and cyber risk management across five domains and, once finalized, would apply to all federally regulated financial institutions (“FRFIs”). However, consistent with OSFI’s other guidance on outsourcing, risk management and incident reporting, OSFI recognizes that the application of its expectations should be commensurate with the size, nature, scope and complexity of operations and the risk profile of each FRFI.

The five domains of OSFI’s expectations, and their respective desired outcomes, are as follows:

Domains for Sound Management of Technology and Cyber Risk Outcomes
1. Governance and Risk Management Technology and cyber risks are governed through clear accountabilities and structures, and comprehensive strategies and frameworks
2. Technology Operations A technology environment that is stable, scalable and resilient. The environment be kept current and supported by robust and sustainable technology operating processes
3. Cyber Security A secure technology posture that maintains the confidentiality, integrity and availability of the FRFI’s technology assets
4. Third-Party Provider Technology and Cyber Risk Reliable and secure technology and cyber operations from third-party providers
5. Technology Resilience Technology services be delivered, as expected, through disruption

OSFI recommends that the Proposed Guideline be considered in conjunction with other OSFI guidance, as well as other guidance issued by other authorities applicable to the FRFI’s operating environment. OSFI references, in particular, the OSFI Guideline E-21 (Operational Risk Management), OSFI Guideline B-10 (Outsourcing), OSFI Cyber Security Self-Assessment Tool, OSFI Technology and Cyber Security Incident Reporting Advisory, alerts, advisories and other communications issued by the Canadian Centre for Cyber Security, and recognized frameworks and standards for technology operations and information security.

Each of the five domains contains related prescriptive principles which are reproduced below.  The Proposed Guideline contains further discussion related to each of these principles which expand on OSFI’s expectations for FRFIs in connection with meeting the requirements in each domain.

Domain 1 – Technology and Cyber Governance and Risk Management

Principle 1 – Accountability and Organizational Structure

Senior Management should assign responsibility for managing technology and cyber risks to senior officers. It should also ensure an appropriate organizational structure and adequate resourcing are in place for managing technology and cyber risks across the FRFI.

Principle 2 –Technology and Cyber Strategy

The FRFI should define, document, approve and implement a strategic technology and cyber plan(s). The plan(s) should align with the FRFI’s business strategy and set goals and objectives that are measurable and evolve with changes in the FRFI’s technology and cyber environment.

Principle 3 – Technology and Cyber Risk Management Framework

The FRFI should establish a technology and cyber risk management framework. The framework should set out a risk appetite for technology and cyber risks and define what processes and requirements the FRFI utilizes to identify, assess, manage, monitor and report on technology and cyber risks.

Domain 2 – Technology Operations

Principle 4 – Technology Architecture

The FRFI should implement a technology architecture framework with supporting processes to ensure solutions are built in line with business, technology and security requirements.

Principle 5 – Technology Asset Management

The FRFI should maintain an updated inventory of all technology assets supporting business processes or functions. The FRFI’s asset management process should address classification of assets to facilitate risk identification and assessment, record configurations to ensure asset integrity, provide for the safe disposal of assets at the end of their life cycle and monitor and manage technology currency.

Principle 6 – Technology Project Management

The FRFI should ensure that effective processes are in place to govern and manage technology projects, from initiation to closure, to ensure that project outcomes are aligned with business objectives and are achieved within the FRFI’s risk appetite.

Principle 7 – System Development Life Cycle

The FRFI should implement a System Development Life Cycle framework for the secure development, acquisition and maintenance of technology systems that perform as expected in support of business objectives.

Principle 8 – Change and Release Management

The FRFI should establish and implement a technology change and release management process and supporting documentation to ensure changes to technology assets are documented, assessed, tested, approved, implemented and verified in a controlled manner that ensures minimal disruption to the production environment.

Principle 9 – Patch Management

The FRFI should implement patch management processes to ensure controlled and timely application of patches across its technology environment to address vulnerabilities and flaws.

Principle 10 – Incident and Problem Management

The FRFI should effectively detect, log, manage, resolve, monitor and report on technology incidents and minimize their impacts.

Principle 11 – Technology Service Measurement and Monitoring

The FRFI should develop service and capacity standards and processes to monitor operational management of technology ensuring business needs are met.

Domain 3 – Cyber Security

Principle 12 – Identify

The FRFI should maintain a range of practices, capabilities, processes and tools to identify and assess cyber security for weaknesses that could be exploited by external and insider threat actors.

Principle 13 – Defend

The FRFI should design, implement and maintain multi-layer, preventive cyber security controls and measures to safeguard its technology assets.

Principle 14 – Detect

The FRFI should design, implement and maintain continuous security detection capabilities to enable monitoring, alerting, and enable forensic cyber security incident investigations.

Principle 15 – Respond, Recover and Learn

The FRFI should triage, respond to, contain, recover and learn from cyber security incidents impacting its technology assets, including incidents originating at third-party providers.

Domain 4 – Third-Party Provider Technology and Cyber Risk (TPP”)

Principle 16 – General

The FRFI should ensure that effective controls and processes are implemented to identify, assess, manage, monitor, report and mitigate technology and cyber risks throughout the TPP’s life cycle, from due diligence to termination/exit.

Domain 5 – Technology Resilience

Principle 17 – Disaster Recovery

The FRFI should establish and maintain an Enterprise Disaster Recovery Framework to support its ability to deliver technology services through disruption and operate within its risk tolerance.

Principle 18 – Testing of Disaster Recovery

The FRFI should perform scenario testing on disaster recovery capabilities to confirm its technology services operate as expected through disruption.

OSFI is inviting public comments on the Proposed Guideline which must be submitted by February 9, 2022.

OSFI is particularly interested in feedback on:

  • the clarity of OSFI’s expectations as set out in the Proposed Guideline;
  • the application of these expectations in relation with a financial institution’s size, nature, scope, and complexity of operations;
  • the balance between principles and prescriptiveness in OSFI’s expectations; and
  • any other suggestions that may contribute to OSFI’s mandate, while also allowing institutions to compete and take reasonable risks.

Ontario Amends Insurance Regulation to Permit Emergency Auto Premium Rebating

Effective April 15, 2020, section 2 of the Ontario Regulation 7/00 – Unfair or Deceptive Acts or Practices made under the Insurance Act (Ontario) (the “Regulation”) was amended by adding the following subsections:

“(3) Despite paragraphs 1 to 3 of subsection (1), a rebate of all or part of an automobile insurance premium is not prescribed as an unfair or deceptive act or practice if,

(a)  an emergency is declared under the Emergency Management and Civil Protection Act;

(b)  the rebate is issued in response to the declared emergency; and

(c)  the insurer files an undertaking with the Chief Executive Officer, in the form approved by the Chief Executive Officer.

(4) Subsection (3) applies from the day an emergency is declared under the Emergency Management and Civil Protection Act to the day that is one year after the day on which the declared emergency is terminated under that Act.”

The Ontario government’s regulatory action allows insurers in Ontario to respond to the state of emergency declared in the province on March 17, 2020 (the “State of Emergency”) by rebating all or part of an automobile insurance premium to their customers in order to relieve financial hardship due to the COVID-19 outbreak without violating the anti-rebating provisions of the Regulation.

The Financial Services Regulatory Authority of Ontario (“FSRA”) has published an Interpretation, an Approach and Information Guidance, dated April 15, 2020 which includes FSRA’s interpretation of the legal framework for emergency auto insurance premium rebate programs and the process for implementing such programs. There are a number of recommendations and requirements contained in this Guidance, which insurers should review prior to implementing emergency premium rebating programs.

Insurers providing any rebate to their customers during this emergency will only be protected by this amendment from March 17, 2020 to the day that is one year after the day on which the State of Emergency is terminated in Ontario.

Insurers who wish to implement emergency premium rebating programs must submit an undertaking to FSRA agreeing to be bound by such undertaking, the breach of which would be deemed to be an offense under section 447 of the Insurance Act and shall void application of section 2(3) of the Regulation.

The new Saskatchewan Insurance Act proclaimed into force on January 1, 2020.

Effective as of January 1, 2020, Saskatchewan’s new Insurance Act has come into force. The new Insurance Act was enacted by the Government of Saskatchewan on May 2015 and replaces prior legislation which was first enacted in 1913.

The new legislation is now available on the Publications Saskatchewan website, or you can access The Insurance Act and the Insurance Regulations through this post. Some of the highlights of this new legislation include:

  • new market conduct standards;
  • new licensing and supervision requirements for insurance distributors, such as new licensing categories for MGAs and third-party administrators; and
  • expansion of the restricted insurance agent licensing regime related to the sale of insurance in conjunction with the sale of certain other products and services.

The new legislation will bring Saskatchewan’s insurance legislation into closer alignment with the regulatory regimes of the other western provinces British Columbia, Alberta and Manitoba.

In order to assist insurers and other industry stakeholders with the transition to the new legislation, the Financial and Consumer Affairs Authority of Saskatchewan (the “Regulator”) is developing guidelines and interpretation bulletins to communicate the Regulator’s expectations. The Regulator has developed the following guidelines and interpretation bulletins to date:

Insurance & Reinsurance in Canada – 2019

GTDT Insurance & Reinsurance 2019 CANADA

The 2019 publication of Getting the Deal Through, is now available, and includes our updated summary guide to the regulation of insurance and reinsurance in Canada. Click here for access to our contribution.

Reproduced with permission from Law Business Research Ltd. This article was first published in Getting the Deal Through: Insurance & Reinsurance 2019, (published in July 2019; contributing editors: William D Torchiana, Mark F Rosenberg and Marion Leydier – Sullivan & Cromwell LLP). For further information please visit www.gettingthedealthrough.com.

OSFI Revised Corporate Governance Guideline for Financial Institutions – updated September 18, 2018

On September 18, 2018 the Office of the Superintendent of Financial Institutions (OSFI) published the final updated version of its Corporate Governance Guideline (“2018 CG Guideline“)The 2018 CG Guideline is more principles-based and sets out OSFI’s expectations for boards of directors (the “Board”) of federally regulated financial institutions, focusing particularly on Board effectiveness.

The 2018 CG Guideline’s main updates include:

  1. providing Boards with more discretion to meet the principles of the guideline, considering their organizations’ size, complexity and risk profile;
  2. clarifying the delineation between Board and senior management responsibilities; and
  3. consolidating Board duties previously set out in numerous OSFI guidelines and advisories.

OSFI has said it will conduct information seminars for directors and corporate secretaries of federally regulated financial institutions in fall 2018.

Please note that the 2018 CG Guideline does not apply to the Canadian branch operations of foreign financial institutions. However, OSFI plans to review and amend guidelines E-4A Role of the Chief Agent & Record Keeping Requirements and E-4B Role of the Principal Officer & Record Keeping Requirements in the near future.

Insurance & Reinsurance in Canada – 2018

The 2018 publication of Getting the Deal Through, is now available, and includes our updated summary guide to the regulation of insurance and reinsurance in Canada. Click  for access to our contribution.

Reproduced with permission from Law Business Research Ltd. This article was first published in Getting the Deal Through: Insurance & Reinsurance 2018, (published in July 2018; contributing editors: William D Torchiana, Mark F Rosenberg and Marion Leydier, Sullivan & Cromwell LLP). For further information please visit www.gettingthedealthrough.com.

Establishing Property & Casualty Insurance Operations in Canada


WSLAW_Ebook_propertycasualtyinsurance_Full_v5_Oct24 

 Toronto, November, 2017 — Walker Sorensen is pleased to announce that its most recent publication “Establishing Property & Casualty Insurance Operations in Canada” is now available. Developed by our lawyers, this guide is an invaluable resource that provides practical insights, and outlines the legal matters relevant to, establishing a property & casualty insurance business in Canada.

Establishing Property & Casualty Insurance Operations in Canada includes an overview of the federal and provincial laws and regulations pertinent to investors interested in the Canadian insurance industry. However, the information in this document is intended to provide general guidance, and is not an exhaustive analysis of all provisions of Canadian law with which an applicant wishing to establish property & casualty insurance operations in Canada may be required to comply. For this reason, we recommend that you seek legal advice from one of our lawyers on the specific legal aspects of your proposed investment or activity.

Download the PDF .

Insurance & Reinsurance in Canada – 2017

and-Reinsurance-Canada-212×300.jpg” alt=”Getting the Deal Through 2017 – Insurance and Reinsurance (Canada)” width=”212″ height=”300″ />

The 2017 publication of Getting the Deal Through, is now available, and includes our updated summary guide to the regulation of insurance and reinsurance in Canada. Click here for access to the e-Book.

Reproduced with permission from Law Business Research Ltd. This article was first published in Getting the Deal Through: Insurance & Reinsurance 2017, (published in June 2017; contributing editors: William D Torchiana, Mark F Rosenberg and Marion Leydier, Sullivan & Cromwell LLP). For further information please visit www.gettingthedealthrough.com.

New Record Keeping Requirements for Ontario Corporations

The Forfeited Corporate Property Act, 2015 (the “FCPA”) is a new Ontario statute that came in force on December 10, 2016 and made changes to the law regarding forfeited personal and real property following the dissolution of a corporation. As part of such changes, the FCPA imposed certain amendments to the Ontario Business Corporations Act (the “OBCA”) and Ontario Corporations Act that relate to new record-keeping obligations for both, new and existing Ontario corporations. Below, we are focusing on the amendments to the OBCA. These amendments are likely intended to make it easier for the Province of Ontario to locate the assets of dissolved corporations and assist the Province to use or sell any forfeited property.

1. Register of interests in land in Ontario and supporting documents

A new section 140.1 has been added to the OBCA. Subsection 140.1 (1) provides that:
“A corporation shall prepare and maintain at its registered office a register of its ownership interests in land in Ontario.”

The OBCA does not define the term “ownership interest”. However, it has been suggested that the phrase extends to both legal and beneficial interests in land. Such register shall identify each property and show the date the corporation acquired the property and, if applicable, the date the corporation disposed of it.
In addition, corporations are required to keep supporting documents with the property register, such as a copy of any deeds, transfers or similar documents that contain any of the following with respect to each property listed in the register:

1. The municipal address, if any;
2. The registry or land titles division and the property identifier number;
3. The legal description; or
4. The assessment roll number, if any.

The wording of the new section 140.1 suggests that these new requirements do not extend to ownership interests situated outside Ontario and to other Canadian corporations (incorporated federally or in any other Province, except Ontario), even if they hold ownership interests in land in Ontario.

2. Timing of Compliance

The amendments to the OBCA come into force on December 10, 2016 and apply immediately to all corporations that are incorporated or continued under the OBCA on or after such date. Corporations that were in existence before December 10, 2016 should be aware that the same law will apply to them as of December 10, 2018.

Contact Us